[graylog2] Permission denied while trying to launch graylog-server

Hello, I followed this instructions to launch graylog server with docker-compose https://hub.docker.com/r/graylog2/server/ However, when I do a docker-compose up, I end up with the following error : graylog_1 | 2016-04-29 06:41:20,417 ERROR: org.graylog2.bootstrap.CmdLineTool - Guice error

[graylog2] How To Handle Messages With Incorrect Formats

Hello, I'm have a problem with the format of syslog messages sent from an Aruba Instant device. The following is a sample message: Apr 28 21:43:59 *2016* 192.168.110.240 stm[1789]: <304055> <###> |ap| Unexpected stm (S

[graylog2] Unable to start graylog-2.0.0-1.ova using oracle vm box in windows server 2008 R2 standard

Hi , I am trying to start graylog-2.0.0-1.ova using Oracle VirtualBox-5.0.18-106667-Win on Windows server 2008 R2 standard . When I hit the start button on the vm, graylog is up with just a black blank screen . (PFA) How do i start the virtual graylog ubunto os . -- You received this message

[graylog2] How to access field value in pipeline rules

Hi- I'm trying to create a pipeline to send messages to another stream based on the application that generated it. In the message, that's represented in the tag field. All I need is a simple string comparison, but I can't figure out how to access the actual values of the fields. I've tried the

[graylog2] Re: GELF TCP option for collectors

Are you guys following Github or the product ideas page more closely now? Most of the posts on https://www.graylog.org/pages/product_ideas are months old. On Wednesday, April 27, 2016 at 3:12:46 AM UTC-4, Jochen Schalanda wrote: > > Hi Michael, > > the collector sidecar in Graylog 2.0.0 is the v

[graylog2] Switching to whitespace analyzer

I'm trying to change the analyzer from "standard" to "whitespace". I've set the following property in my Graylog server configuration: elasticsearch_analyzer = whitespace It states that my change will be applied to new indices so I manually cycled the deflector so that it is now pointing to gr

[graylog2] Re: graylog-server-2.0.0-5 installation guide for CentOS 7 ?

On Thursday, April 28, 2016 at 1:12:40 PM UTC-5, T.J. Yang wrote: > > Hi there > > Is there a similar graylog2 centos 6 guide > > > but for centos 7 ? > > After some google search, I found this one is

[graylog2] graylog-server-2.0.0-5 installation guide for CentOS 7 ?

Hi there Is there a similar graylog2 centos 6 guide but for centos 7 ? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this gro

[graylog2] Re: Extraction Help

Hi Henrik, Thank you very much, that looks perfect =) I will try it out as soon as I can. best regards, Peter -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[graylog2] Re: Elasticsearch 2.0.0-5 Client announcing wrong URI

Hello Jochen, I have elasticsearch_network_host, elasticsearch_network_bind_host, and elasticsearch_network_publish_host all set. Basically anywhere I could specify and IP I did so to try and get this working. They didn't appear to have any impact. Thank you, Bryan On Thursday, April 28,

[graylog2] Re: [Upgrade] 1.3.4 to 2.0

Ok Thank you Jochen > >> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https

[graylog2] Re: Unexpected Index rotation

Does Graylog have a recommended way of handling clusters with multiple graylog-server nodes and master elections? I lost a pretty large chunk of data yesterday due to multiple masters creating multiple indexes per day and causing indexes to roll off. Luckily this was not customer data so other

[graylog2] Re: Web Interface Certificate differences from v1 and v2

It looks like v2 is now fully released. Any idea on how I can get this working? Is it a bug? On Friday, April 15, 2016 at 7:43:32 AM UTC-5, Drew Miranda wrote: > > I tested removing the extra characters before BEGIN > > This STILL did not help. I'm at a loss. > -- You received this message

[graylog2] Re: any scripts for deleting messages containing fields with dots?

Hi Daniel, you could use the Elasticsearch Update API and the integrated scripting for this. See https://stackoverflow.com/questions/29002215/remove-a-field-from-a-elasticsearch-document for a rough idea how to de

[graylog2] Re: Elasticsearch 2.0.0-5 Client announcing wrong URI

Hi Thomas, On Thursday, 28 April 2016 11:20:45 UTC+2, Fachi Son wrote: > > Setting elasticsearch_network_host won't make any difference. > What exactly does that mean? To which value did you set the elasticsearch_network_host configuration setting and what's the current error message regarding

Re: [graylog2] Issue with new graylog 2.0 virtual appliance

Sounds weird, but I'm glad that it's working now. Please write if it happens again, so we can look more into it. Regards, Edmundo > On 28 Apr 2016, at 16:17, David Gerdeman wrote: > > I guess it was just some lag in the update process...When I went back to the > webpage to check for JS errors

Re: [graylog2] Issue with new graylog 2.0 virtual appliance

I guess it was just some lag in the update process...When I went back to the webpage to check for JS errors and the like, every input I created was in the list, with most of them in the failed state because the port was taken by the first instance to start. Looks like it fixed itself. Thanks

Re: [graylog2] Issue with new graylog 2.0 virtual appliance

Hi David, The issue sounds quite odd. Were there errors in your Graylog server logs or browser's JS console when creating the input? Also, did you try restarting your Graylog server to see if the input appears in the list? Regards, Edmundo > On 28 Apr 2016, at 15:42, David Gerdeman wrote: >

[graylog2] Issue with new graylog 2.0 virtual appliance

I'm having an issue on a fresh virtual appliance of graylog v2. When launching a new input (gelf udp on port 7), I get a message saying that adding the new input was successful, but the input never shows up on the inputs page of the web portal, or in the list of inputs returned in the API

[graylog2] Re: Elasticsearch 2.0.0-5 Client announcing wrong URI

The defaults in my setup use an IP of 0.0.0.0. On Thursday, April 28, 2016 at 3:39:21 AM UTC-4, Jochen Schalanda wrote: > > Hi Bryan, > > you can manually set the IP address for the embedded Elasticsearch > instance in Graylog using the elasticsearch_network_host setting in the > configuration f

[graylog2] Re: SSL setup making website unavailable

Sorry for the typo, the path is /opt/graylog/conf/nginx/nginx.conf. On Thursday, April 28, 2016 at 9:22:43 AM UTC-4, Obie wrote: > > In the VMware OVA running ngnix, what would I need to add/change? Here's a > snippet of the config. > > /opt/graylog/conf/ngnix/ngnix.conf > > location / { >

[graylog2] Re: SSL setup making website unavailable

In the VMware OVA running ngnix, what would I need to add/change? Here's a snippet of the config. /opt/graylog/conf/ngnix/ngnix.conf location / { proxy_pass http://localhost:9000/; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-

Re: [graylog2] Re: v2 and multiple interfaces, web not working

I'm running the VMware OVA. I've tried every combination of http/https and eth0's IP and FQDN I can think of. Some changes "get a little further", like when I change rest_transport_uri to https with the IP or FQDN--this at least pulls up the login page, but ends up failing with the same error a

[graylog2] Re: [Upgrade] 1.3.4 to 2.0

Hi, you basically "just" need to upgrade Elasticsearch to version 2.3.2 (latest stable at the point of writing), restart your ES cluster, and then upgrade your Graylog server nodes (the web interface has been merged into the server component). Make sure to read https://github.com/Graylog2/gra

[graylog2] Re: [Upgrade] 1.3.4 to 2.0

My system is centos 6 Le jeudi 28 avril 2016 11:35:50 UTC+2, kaiser a écrit : > > Hello, > > Is there a method to ugrade from 1.3.4 to 2.0 please? > > regards. > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group

[graylog2] [Upgrade] 1.3.4 to 2.0

Hello, Is there a method to ugrade from 1.3.4 to 2.0 please? regards. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. T

[graylog2] Re: Elasticsearch 2.0.0-5 Client announcing wrong URI

Got the same issue here. Graylog-Server (2.0.0.-5) connecting to external Elasticsearch Server. Elasticsearch Config Changes: cluster.name: graylog network.host: 0.0.0.0 discovery.zen.ping.multicast.enabled: false discovery.zen.ping.unicast.hosts: ["publicipelasticsearchserver:9300"] Graylog Ser

[graylog2] Re: howto Upgrade from OVA Image (1.3.3) to Graylog 2.0.0

ok, my graylog currently is running wiht 1.3.3. I will wait for your upgrade instructions Hans-Wolfgang Am Donnerstag, 28. April 2016 09:44:50 UTC+2 schrieb Jochen Schalanda: > > Hi, > > the Omnibus package currently doesn't support upgrading from Graylog 1.x > to Graylog 2.0.0 which is why the

[graylog2] any scripts for deleting messages containing fields with dots?

Hello I was playing with snmp some time ago, it created multiple* fields with dots*. Now new ES doesn't support dots in fields names so I cannot upgrade to graylog 2.0. Messages with those fields contain* no valuable data*, so I'd like to *delete *them from few past indices (yes, I know, I have

[graylog2] Re: graylog 2.0 GA - issues with nginx and reverse proxy - Error: Request has been terminated

Thanks for helping out, i got it working now, im not using ssl, this nginx configuration works for me server { listen 80; location / { proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_headerHost $http_host; proxy_set_headerX

[graylog2] Re: SSL setup making website unavailable

I had to tweak my apache config, see here: http://docs.graylog.org/en/2.0/pages/configuring_webif.html#apache Proxy pass to api is needed now. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving e

[graylog2] Re: v2 and multiple interfaces, web not working

I had to tweak my apache config... see here: http://docs.graylog.org/en/2.0/pages/configuring_webif.html#apache Proxy pass to api is needed now. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving

[graylog2] Re: SSL setup making website unavailable

Cross-post: https://groups.google.com/d/msg/graylog2/kwd3nIt05DI/MrG-bn3bAwAJ On Thursday, 28 April 2016 00:31:14 UTC+2, Obie wrote: > > No, I installed the VMware OVA. Thanks for the link. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To un

Re: [graylog2] Re: v2 and multiple interfaces, web not working

Hi, Try setting the public IP address of your EC2 instance in rest_listen_uri and web_listen_uri. See http://docs.graylog.org/en/2.0/pages/installation/graylog_ctl.html#advanced-settings and https://github.com/Graylog2/omnibus-graylog2/blob/2.0/files/graylog-cookbooks/graylog/attributes/defa

[graylog2] Re: howto Upgrade from OVA Image (1.3.3) to Graylog 2.0.0

Hi, the Omnibus package currently doesn't support upgrading from Graylog 1.x to Graylog 2.0.0 which is why the upgrade fails. You should re-install Graylog 1.3.3 (or 1.3.4) to get back to a working state. We are currently working on some upgrade instructions for the Omnibus package, so that yo

[graylog2] Re: Upgrade to v2.0

Hi Haija, the Omnibus package doesn't support a proper upgrade of Graylog 1.x to Graylog 2.0.0. The upgrade process with APT (or dpkg) most likely failed and left your system in kind of an undefined state. If the web interface is showing the correct version in its footer, everything should be

[graylog2] Re: Unexpected Index rotation

Hi Mike, On Wednesday, 27 April 2016 21:30:28 UTC+2, Mike Daoust wrote: > > as of now Im thinking it was due to multiple graylog-server masters in the > cluster. I ran a config update with chef and all 3 graylog nodes ended up > as masters. > Yes, that's most likely the reason. Graylog master

[graylog2] Re: Elasticsearch 2.0.0-5 Client announcing wrong URI

Hi Bryan, you can manually set the IP address for the embedded Elasticsearch instance in Graylog using the elasticsearch_network_host setting in the configuration file (see https://github.com/Graylog2/graylog2-server/blob/2.0.0/misc/graylog.conf#L187-L192) if the automatically discovered IP a

[graylog2] Re: graylog 2.0 GA - issues with nginx and reverse proxy - Error: Request has been terminated

Hi, starting with Graylog 2.0.0, the web interface has been merged into the server component and is a single-page application directly communicating with the Graylog REST API. Thus, your client (i. e. web browser) must be able to communicate with the Graylog REST API, which isn't possible with